Posted in Exploits Penetration Testing Web Application

ATutor 2.2.4 ‘language_import’ Arbitrary File Upload / RCE (CVE-2019-12169)

This proof of concept demonstrates a vulnerability in ‘/mods/_core/languages/language_import.php’ that can be used to achieve remote code execution. The code can be modified to…

Posted in Penetration Testing Web Application

Deserialization Exploitation Framework

Deserializer Exploitation Framework
* Enumerate the code entry points – What code does the deserializer call on my objects?
* Enumerate the immediate gadget pool…

Posted in Penetration Testing

OS detection with ping

OS detection with ping: Windows TTL=128 | Linux TTL=64 | Network Equipment = usually +200 TTL. P.S. thanks ipp

Posted in Computing Security Penetration Testing Windows

SMB Shares

Reference:
// Good video talking about taking advantage of SMB shares
http://obscuresecurity.blogspot.com/2012/05/gpp-password-retrieval-with-powershell.html
http://esec-pentest.sogeti.com/exploiting-windows-2008-group-policy-preferences

// The video below is a good demonstration of putting…

Posted in Penetration Testing

Pivoting Notes

Pivoting: If you can SSH to the compromised server, you can use SSH Dynamic Port Forwarding (SOCKS proxy) or SSH Local…
